123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 |
- use crate::{schema, UIDCError};
- use microrm::prelude::*;
- pub fn create_scope(
- qi: µrm::QueryInterface,
- realm_id: schema::RealmID,
- name: &str,
- ) -> Result<(), UIDCError> {
- qi.add(&schema::Scope {
- realm: realm_id,
- shortname: name.into(),
- })?;
- Ok(())
- }
- pub fn list_scopes(
- qi: µrm::QueryInterface,
- realm_id: schema::RealmID,
- ) -> Result<(), UIDCError> {
- for scope in qi.get().by(schema::Scope::Realm, &realm_id).all()? {
- println!("{}", scope.shortname);
- }
- Ok(())
- }
- pub fn inspect_scope(
- qi: µrm::QueryInterface,
- realm_id: schema::RealmID,
- scope_name: &str,
- ) -> Result<(), UIDCError> {
- let scope = qi
- .get()
- .by(schema::Scope::Realm, &realm_id)
- .by(schema::Scope::Shortname, scope_name)
- .one()?
- .ok_or(UIDCError::Abort("no such scope"))?;
- println!("scope name: {}", scope.shortname);
- println!("attached roles:");
- for scope_role in qi.get().by(schema::ScopeRole::Scope, &scope.id()).all()? {
- let role = qi
- .get()
- .by_id(&scope_role.role)
- .one()?
- .ok_or(UIDCError::Abort("role referenced that no longer exists?"))?;
- println!(" - {}", role.shortname);
- }
- Ok(())
- }
- pub fn attach_role(
- qi: µrm::QueryInterface,
- realm_id: schema::RealmID,
- scope_name: &str,
- role_name: &str,
- ) -> Result<(), UIDCError> {
- let scope = qi
- .get()
- .by(schema::Scope::Realm, &realm_id)
- .by(schema::Scope::Shortname, scope_name)
- .one()?;
- let role = qi
- .get()
- .by(schema::Role::Realm, &realm_id)
- .by(schema::Role::Shortname, role_name)
- .one()?;
- match (scope, role) {
- (None, _) => Err(UIDCError::Abort("no such scope")),
- (_, None) => Err(UIDCError::Abort("no such role")),
- (Some(scope), Some(role)) => {
- qi.add(&schema::ScopeRole {
- scope: scope.id(),
- role: role.id(),
- })?;
- Ok(())
- }
- }
- }
- pub fn detach_role(
- qi: µrm::QueryInterface,
- realm_id: schema::RealmID,
- scope_name: &str,
- role_name: &str,
- ) -> Result<(), UIDCError> {
- let scope = qi
- .get()
- .by(schema::Scope::Realm, &realm_id)
- .by(schema::Scope::Shortname, scope_name)
- .one()?;
- let role = qi
- .get()
- .by(schema::Role::Realm, &realm_id)
- .by(schema::Role::Shortname, role_name)
- .one()?;
- if let Some((scope, role)) = scope.as_ref().zip(role) {
- qi.delete()
- .by(schema::ScopeRole::Scope, &scope.id())
- .by(schema::ScopeRole::Role, &role.id())
- .exec()?
- } else if scope.is_none() {
- println!("No such scope!");
- } else {
- println!("No such role!");
- }
- Ok(())
- }
|